package site.eblog.filter;

import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;

import org.springframework.web.filter.OncePerRequestFilter;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

public class MyXssFilter extends OncePerRequestFilter {

	private String excludedURL;
	

	public String getExcludedURL() {
		return excludedURL;
	}


	public void setExcludedURL(String excludedURL) {
		this.excludedURL = excludedURL;
	}


	@Override
	protected void doFilterInternal(HttpServletRequest request,
			HttpServletResponse response, FilterChain chain)
			throws ServletException, IOException {
		//去掉不拦截
		if(request.getRequestURL().toString().contains(excludedURL)){
			 chain.doFilter(request, response);
		}else{
			request = new XSSServletRequest(request);
			chain.doFilter(request, response);
		}
	}

	

}
